[NBLUG/talk] "Stealth'ing" *NIX into a MS-Win shop...?

[S. Saunders]

On Wed, December 14, 2005 15:06, Chris Palmer wrote:

> S. Saunders writes:
>
>> Among other problems currently seen
>
> This seems to trail off.

Yah, sorry.  Mouse-error (didn't notice the mouse was *right*
over the "Send" button when I reached for the PostIt pad next
to said rodent, and   >click<

:-/


> What are some actual problems you are having?

Mostly, by-report.  I'm new, have seen only trivial problems so
far.  But, central file-server going down multiple times per year.
IME, a properly-configured *NIX box running stable versions of
the OS and all app's/services (nothing bleeding-edge!!!) should
trivially be able to handle over a year of uptime, and service all
requests for all that time.  Barring hardware failure, of course.

Printer/driver problems -- one printer won't print after the server
goes down, 'til an Admin-privileged user submits a print job, but
then it's OK again.  Another printer has perennial paper-tray
issues (they can't keep it using Tray 2 by default), and different
users' OS/patchlevel config's mean they haven't been able to
standardize on a single driver (given that the 2 co-owners of
the company are 2 of the "unique" OS'es (one on XPpro in an
otherwise pre-XP shop, the other running Mac OS X), I'm kinda
stuck with supporting them & can't force 'em to "standardize"
;-)


> It depends on the problems, the applications, user expectations,
> and so on. Please tell us more.

Some problems listed above; I'm sure I'll find more.  :)

App's -- well, they're more-or-less committed to several MS-only
app's:  they have an accounting package whose next version
(that they need to install for CY'06) *must* be back-ended by
MS SQL-Server or MSDE.  They need AutoCAD (which *used*
to be a UNIX app (and I used to support it on SunOS, Solaris,
Ultrix, AIX, *AND* MS-Windows), but AFAICT is now only a
Windows app).  They're about to deploy a GIS package; I'm
trying to find an OpenSource alternative (just started looking
today, in fact), but so far I've found none ready to just "fire
and forget" into user-land.  Various little utilities (e.g. Hobo's
"Boxcar" for data-probes).

user expectations -- Basically, that "things break".  I'm hoping,
frankly, that I can change that expectation, at least on the
file-server / print-server front.  My expectation from the *NIX
world is that, with the right config's, things *WORK* and don't
break.  Servers stay UP, and serve files.  Printers may paper-
jam and run out of consumables, but from an OS-centric view
once you're configured right, it Just Works (obviously, if nobody
services the jammed printer and people keep spooling jobs,
you'll eventually fill the spooling filesystem... and if you spool
to a filesystem that services other needs, other things may
then start to break in turn... (etc)... but those are other issues,
and MS-Win will break under similar circumstances, too).


> Also, why do you have to "sneak" Unix/Linux in? It sounds like
> you are the main techie there, so why does anyone care?

It needs to be "invisible" to all end-users.  I'll inform everyone in
my management chain, though (see next point...).

> Now, I can understand the "It must be standard and it must be
> manageable by 'accidental' techies and/or non-techies" point of
> view -- they don't want to get locked in, always having to have
> a Unix geek on-hand.

They are willing to pay an outside consultant at need; in fact, they
*expect* to.  But anything that *I* deploy that's "new to them"
must come with a list of vendors to contact if/when I'm out sick,
on vacation, quit/fired, etc.  And their first choice is to do at least
SOME troubleshooting / fixing in-house.


> You should to at least consider the possibility that Windows (or
> Mac OS X!) may be their best option.

Oh, I am!

Not so much OS X; from all I've seen/heard, the Server version is
still a bit flaky, though I haven't (yet) looked into the latest version.

I consider it about 50/50 that this shop should NOT go with anything
*NIX in their server-mix (for now, at least).  But, if I don't look into it
for them, they don't get that 50% shot at an upside.  So, I'm looking.


> Also consider the amount of work it might take to make a Linux
> setup that acheives the properties of "standard" and "manageable
> by semi-techies". (For starters, it might mean Red Hat Enterprise
> Linux using only Red Hat-supplied RPMs, no third-party RPMs
> or source builds!)

Yep.  And if so, it's likely a no-go -- I'm hoping to use cost-savings
as a key selling-point, e.g. a free (as in free beer) OS running on
old/"underpowered" boxen (recycled from other uses) to make the
server environment more reliable.  i.e. they only pay my salary, and
don't buy anything new...

But, if I have to put in hundreds of hours to get the whole schtick up
& running, that *IS* the cost of a burly server with MS-licenses, so
it'd be a $$$-wash just in up-front costs, not counting the costs over
time to them for running a heterogenous server environment.


> I don't know how good Samba's integration with Windows'
> authentication
> server is -- last time I tried it (two years ago! maybe things have
> changed), winbindd required significant hand-holding. But the actual
> file service of Samba works fine and I recommend it where applicable.

I believe that Samba 3 has substantial improvements.  3.0.21r2 is
out for testing/commentary to the community, expected (if I'm
understanding correctly) to be frozen and released as a "stable"
product some time in January.


> Do you have a Windows domain?

Yes.


> I really wouldn't categorically say that Unix/Linux is necessarily more
> stable. Stability is measurable and quantifiable, but there are so
> many factors that impinge -- administrator skill foremost.

Well, a low-skill SysAdmin can break *anything* no matter how
"stable" it _potentially_ is (I once had someone say, "what's this
"kernel" file in the root filesystem?  I can remove THAT!" for SunOS
(it was the kernel binary executable file -- leaving nothing to boot
from next time they powered on).  Conversely, a really skilled one
can keep things running smoothly, that most of the rest of the
ITverse would be routinely rebooting in lieu of fixing.

That said... I know of no production *NIX shops (except those
running very-new and cutting-if-not-bleeding-edge stuff) that
need to schedule periodic "preventative reboots," nor any that
regard "reboot the server" as a _regular_ debugging strategy.
But I *do* know of several such Windows shops.  Each with
support-staff having years of experience with their respective
OS'es.

Now, rumor hath it that XP-Pro is *substantially* better in this
regard... but none of my servers run XP, nor are they likely to
for at least a year (if I've understood them correctly).


> What I think you're saying is that Unix/Linux run more stably *for
> you*,

Absolutely.

> because you understand them better than you do Windows.
> Entirely reasonable (and the same is true for me).

As noted above, I'll dispute that the *only* reason they run
more stably is because I'm a better UNIX-geek than a MS-geek;
but I can't deny that a MS-guy with as much MS background as
I've got *NIX background would do better with MS than I can,
so I can't dismiss your point out-of-hand.  ;-)


> But make sure it's the right thing first.

Yah.
First, I educate myself.
Then, I set up a little pilot-project on my own baby micro-network
(one server, one workstation, one printer, no connection to the
rest of the world).  Test, re-test, break it on purpose and test it
some more.

Clone production data onto my micro-net; test it some more; get
it ready to deploy.

THEN, and only then, do I pitch it to the Powers That Be.  And by
that time, hopefully, I'll have seen the existing infrastructure in
operation for long enough that I'll have a better handle on both
it's strengths and weaknesses, and know if it's even WORTH the
pitch...  If it looks like a waste of my time & theirs, I won't bother.


- Steve S.